comment on

Have you considered the issues regarding security? Security through obscurity (not publishing the URL) is not security. URL's can be discovered eventually. You could require a login, but you mentioned you're opposed to that approach.

If you disable the use of all modules via disabling 'use', 'require', and 'do', the use of all system commands (including open), the backtick and qx// operators, the s///e construct, eval, you have suddenly created a huge project, and one that doesn't even touch the tip of the iceberg with respect to preventing malicious attacks.

I know that most of the simple attacks can be prevented, but when you expose the interpreter to the world, you have to be sure you thought of every possible attack.

Dave

In reply to Re: Setting up a web-based perl interpeter by davido
in thread Setting up a web-based perl interpeter by sulfericacid

Are you posting in the right place? Check out Where do I post X? to know for sure.
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
Want more info? How to link or How to display code and escape characters are good places to start.


more useful options
	PerlMonks